关键漏洞信息 Title: janet-lang janet 2fabc80 Heap-based Buffer Overflow Description: A Heap-buffer-overflow vulnerability was found in Janet. The crash occurs in the function during the compilation phase, specifically within . ASAN report indicates a READ violation of size 4 at the boundary of a 24-byte allocated region. Vendor confirmed and fixed this vulnerability in commit c43e066. Environment: OS: Linux x86_64 Compiler: Clang Build Configuration: Release mode with ASan enabled Vulnerability Details: Target: Janet (janet-lang) Vulnerability Type: CWE-125: Out-of-bounds Read Function: Location: Crash Context: - Root Cause Analysis: - Function handles the if special form incorrectly. - ASAN report shows a READ of size 4 at 0x50300000c348 (0 bytes after a 24-byte region).